The Worst Cyber Event In History
This July 8.5 million Microsoft devices were hit with a faulty software update – the scale of effects of the disruption caused make this event, which began on 19 July, makes it the worst cyber event in history, beating the WannaCry cyber-attack in 2017 where 300,000 computers in 150 countries were affected.
Enormous Impact
The faulty CrowdStrike software update caused major disruptions across a wide variety of industries globally, which included airlines, healthcare, financial services, media & broadcasting, emergency services and retail.
Fix issued
A fix was relatively quickly circulating amongst the tech community – but it required somebody with tech-knowhow to be physically present to put it in place. As IT support is often administered remotely this created a massive headache for IT departments and outsourced IT suppliers and was one reason why it took so long to correct. A week after it started, Crowdstrike were saying 97% of affected devices were back online.
What can we learn from this?
This is difficult to answer as every business will have to consider their specific requirements.
To eliminate a single point of failure can only mean one thing : running parallel services at the same time on an ongoing basis (and even this can have potential points of failure).
For most businesses, this would be cost prohibitive, you have to weigh up the cost of running a service which is in effect completely redundant for long periods of time, just to avoid the possibility of business disruption at some point in the future.
How can an MSP help in a situation like this?
A Managed Service Provider such as Globe2 is a third party who can supply and manage Crowdstrike and other third party applications and provide IT support.
The tech community quickly identified the cause – because it affected Windows devices, there was some early confusion that it was a Microsoft issue – and fixes were being circulated. We were first aware of the issue at 8:16 AM and a fix had been identified by 8:18.
In an event such as this, the company at the heart of the issue would likely be overwhelmed with support requests; end users would have to fend for themselves trying to filter a mass of tech info to understand what was happening.
MSPs would of course likely also be under stress in such an event, but it may be more manageable.
As MSPs are generally independent and tech agnostic (they will provide whatever is best for the client) they are better able to provide an informed third-party opinion.
If downtime is completely unacceptable to your business, an MSP may be able to advise on reducing, if not eliminating, potential points of failure – at least you would have an idea of what to expect so you can plan accordingly.
